| Cybersecurity taxonomies comprise complex relational dependencies and detailed textual descriptions, forming heterogeneous hierarchical knowledge graphs. Modeling such systems requires jointly leveraging semantic content and graph topology, particularly when new entities are continuously introduced. This work addresses inductive link prediction in dynamic cybersecurity taxonomies, focusing on associating previously unseen software weaknesses with established attack patterns under limited or absent relational context. In such scenarios, new weaknesses appear as isolated nodes, constraining structural information at inference. Although recent approaches rely on language models for textual encoding, they often underutilize the graph’s relational structure. To address this, the proposed method adopts a two-stage strategy: candidate links are generated through textual similarity to existing weaknesses, then an adapted SEAL+ framework learns topology-aware representations enriched with PCA-reduced semantic embeddings to discriminate links. Experimental evaluation across two inductive settings—absent and limited relational context—demonstrates that jointly modeling structural dependencies and textual semantics consistently outperforms text-only baselines, with ROC-AUC improvements of 3.2–4.5%, and MRR improvements of 2.0–3.8% |
*** Title, author list and abstract as submitted during Camera-Ready version delivery. Small changes that may have occurred during processing by Springer may not appear in this window.